ISO 42001

ISO/IEC 42001:2023 — AI Management Systems

First certifiable international standard for AI management systems. Uses Plan-Do-Check-Act methodology. Third-party certification available; major AI systems have achieved certification.

Jurisdiction

International

Enacted

Pending

Effective

Dec 18, 2023

Enforcement

TBD

ISO

Why It Matters

Becoming de facto compliance demonstration mechanism. Organizations align with EU AI Act using ISO 42001 for risk assessments.

Recent Developments

Microsoft 365 Copilot, AWS, Google Cloud have achieved certification. Increasingly used as "audit language" in procurement.

At a Glance

Requires

Risk Assessment Audit Trail

Who Must Comply

Organizations seeking AI management system certification

Obligations fall on:

Safety Provisions

AI policy and objectives
Risk assessment processes
Controls for AI-specific risks
Monitoring and measurement
Continual improvement

Primary Source

ISO

https://www.iso.org/standard/81230.html

View on map

International

Focus Areas

Algorithmic accountability

Cite This

APA

International. (2023). ISO/IEC 42001:2023 — AI Management Systems.

Related Regulations

In Effect INTL

ISO 23894

AI risk management guidance complementing ISO 31000. Lifecycle risk management; audit/procurement language.

In Effect INTL

UNESCO AI Ethics

Global normative framework adopted by all 193 UN Member States. Policy Area 8 (Health and Social Wellbeing) directly addresses mental health AI.

In Effect AU-UNION

Continent-wide AI strategy endorsed by African Union Executive Council covering 55 member states. Phased implementation 2025-2030. Phase I (2025-2026) focuses on creating governance frameworks, developing national AI strategies, resource mobilization, and capacity building. Aims to harmonize AI development across Africa while respecting member state sovereignty.

In Effect BN

Last updated January 22, 2026. Verify against primary sources before relying on this information.